![]() Since the firewall can do user identification you can easily run GlobalProtect within the LAN and simply not allow any communication if the ip in question doesn't have an active user-mapping. ![]() Regardless it's something that you can do on the firewall as long as the firewall is handing out the IP addresses, but there's a better way of doing this. Generally this is something that you would configure on the LAN via your switches I'm not sure why someone would have ever configured this to work directly on the firewall unless this is a very small office. They're using mac-control to hand out IPs to their network on the Fortinet? It's been a while since I worked on anything Fortinet but I thought that this was on the Fortigate and it was specific to the wireless side of things, but that could have changed.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |